Re: [spring] Question about SRv6 Insert function

Ole Troan <> Thu, 05 September 2019 08:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CBE4C120B9A; Thu, 5 Sep 2019 01:23:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id JxKBRd2q23eQ; Thu, 5 Sep 2019 01:23:10 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 326DD120058; Thu, 5 Sep 2019 01:23:10 -0700 (PDT)
Received: from (unknown [IPv6:2a01:79c:cebd:c078:bc56:dd51:6a5d:33a8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id AF8D64E11A43; Thu, 5 Sep 2019 08:23:09 +0000 (UTC)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by (Postfix) with ESMTP id C2CF41B8F99A; Thu, 5 Sep 2019 10:23:07 +0200 (CEST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Ole Troan <>
In-Reply-To: <>
Date: Thu, 5 Sep 2019 10:23:07 +0200
Cc: Fernando Gont <>, Ron Bonica <>, "" <>, "" <>, Suresh Krishnan <>, draft-voyer-6man-extension-header-insertion <>, draft-ietf-spring-srv6-network-programming <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <> <> <> <> <>
To: Fernando Gont <>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <>
Subject: Re: [spring] Question about SRv6 Insert function
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 05 Sep 2019 08:23:12 -0000


See my email to Ron.

Just a short point with regards to your claim:
"If you want to do it, the first step is to update RFC8200".

Let's be clear that this is your own personal view and nothing more than that.

Best regards,

> On 5 Sep 2019, at 02:34, Fernando Gont <> wrote:
> On 4/9/19 09:58, Ole Troan wrote:
>> Fernando,
>>>>> Since there have been plenty of attempts to do EH insertion or
>>>>> leave the IPv6 standard ambiguous in this respect, and the IETF has
>>>>> had consensus that EH insertion is not allowed, I think it would be
>>>>> bad, wastefull, tricky, and even dangerous to let a document go
>>>>> through the whole publication process, and just rely on the AD to
>>>>> keep the "DISCUSS" button pressed.
>>>>> Put another way: what'd be the rationale for having a draft-ietf
>>>>> and have the corresponding wg ship the document with something that
>>>>> clearly goes against IETF consensus, and that the relevant AD has
>>>>> declared that wouldn't let pass?
>>>> In short, this is not the case. I am *not* the relevant AD for the
>>>> SRv6 Network Programming draft. If this document was in 6man I would
>>>> have flagged it much earlier like I did for the SRH draft.
>>> Sorry, what I meant by "relevant AD" is: "one of the responsible ADs for
>>> the spec that's being violated".
>>> i.e., isn't there in the IETF process -- whether formal or informal --
>>> for this sort of thing to be flagged before documents get too far in the
>>> publication process?  ("Hey, this document in your area is actually
>>> breaking a spec of one of my wgs" sort of thing...)
>> I would prefer that we calmed down a bit on the protocol policing.
> Sorry, but this has nothing to do with protocol policing. It has to do
> with respecting the consensus this wg and the ietf as a whole had on the
> topic. i.e., that EHs must not be inserted in the network.
> We'd go into an interesting path to insanity if we publish specs, and
> subsequently publish conflicting specs that simply ignore previous ietf
> consensus.
> If folks want to do EH insertion, the #1 step is to publish a document
> that updates RFC8200 such that the "EHs must not be inserted..." is
> replaced with something else or eliminated.
>> We know that header insertion breaks unsuspecting source hosts if done by the network.
>> It breaks (at least) PMTUD, ICMP errors and AH.
>> What we have said in the past is; explain how those issues are dealt with or do not apply to your proposal.
> That's what you and others may have said or thought. But the consensus
> is what's in the standard (RFC8200). And the standard says that EHs
> cannot be inserted in the network. If you want to do it, the first step
> is to update RFC8200.
>> And some form of "doing on behalf of" is not necessarily problematic.
> It is rightaway problematic specs-wise when it violates a crystal-clear
> requirement in RFC8200, that we arrived to after a very heated debate,
> and lots of enegery and time from all the involved people.
> The fact that after all the long story behind publication of rfc8200 as
> standard (and the ongoing srv6 document we're doing here, which was
> adopted on the condition that it wouldn't do eh-insertion), we can live
> with other wgs violating specs that we produced here with so much effort
> and time, is kind of amusing.
> If folks want to allow EH-insertion (i.e., formally allowing middleboxes
> to fiddle with packets), RFC8200 should be updated, and the work should
> be done in 6man.
> I don't think it's SPRING's call how the IPv6 protocol works.
>> It's the "blind" "Thou shalt not do" that I object to. As opposed to arguing on technical grounds.
>> Ensuring interoperability is our purpose. Not protect 8200 as if it's a religious text.
> My #1 concern (not that I don't have others) is one related to fairness
> of the standardization process. I don't think we should simply
> rubberstamp anything a big vendor wants to sell, no matter how big the
> vendor is, or how much money may be involved.
> And if this working group (and the IETF as a whole) published a spec on
> which there was consensus, ignoring the spec and doing whatever one
> pleases is not the way to go. Firstly, make e the case for updating
> RFC8200. Then come up with the proposal to fiddle with packets in the
> network.
> P.S.: I've never been into the camp of protecting X (whether rfc8200 or
> any other document) as if it was religious text. Quite ironically, I
> have experienced such religious opposition in 6man itself (for instance,
> your argument of "don't fix slaac-renumbering because ipv6 has not been
> designed to support flash renumbering" seems pretty much a religious
> argument against work that would not result in any major modifications
> to any of the protocols involved -- as opposed to EH insertion).
> -- 
> Fernando Gont
> SI6 Networks
> e-mail:
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492